[BUILD-1104] Upgrade bouncy castle libraries Created: 11/Jul/23 Updated: 12/Jul/23 Resolved: 12/Jul/23 |
|
| Status: | Closed |
| Project: | Build |
| Component/s: | None |
| Affects Version/s: | BOM 6.2.36 |
| Fix Version/s: | None |
| Type: | Task | Priority: | Neutral |
| Reporter: | Carlos Cantalapiedra | Assignee: | Unassigned |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | security | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Template: | |||||||||
| Acceptance criteria: |
Empty
|
||||||||
| Task DoR: |
Empty
|
||||||||
| Team: | |||||||||
| Description |
|
The libraries bcprov-jdk15on and bcmail-jdk15on are affected by https://nvd.nist.gov/vuln/detail/CVE-2023-33201. We should upgrade them to 1.74+ to get rid of this security vulnerability. |